Site Search

Course Navigation


Home| Course Catalog| Career Planning

FREE online courses on Corporate Espionage - What can be done about it - Operations Countermeasures

Operations Countermeasures: As in module II (operations vulnerabilities), operational countermeasures, too, have been classified under four broad heads:

  • Human
  • Creative
  • Communications related
  • Controls fallout

Awareness creation

Awareness creation: People are simply unaware of the usefulness of the information, its value, to others:

  • Competitors
  • bounty hunters (professional information thieves)
  • foreign parties/ government
  • disgruntled employees
  • malicious hijackers

Educate Employees

  • Educate people about the value of information; create awareness, not by speeches or threats of punitive action, but by stirring up curiosity and interest.
  • Stress on how to prevent daily leakage of snippets of information
  • Illustrate with examples/film shows; dramatize!
  • Tell them exactly what they should and/or should not be doing: DO's and DON'Ts: publicize through ongoing process – talks, posters, suggestion schemes.
  • Employee awareness multiplies a hundred fold, the efforts of your security people
  • Security staff also needs fresh orientation/motivation.

 

A Five-Star Hotel was losing lacs of rupees annually through pilferage of cutlery and room accessories (coasters, ashtrays, clocks etc.) After an awareness program, losses on this account came down by 75%. In the field of information pilferage, strict control over communications systems (recording of all phone calls, ‘fax locked' box (key with Manager, Operations) etc. resulted in plugging leakage of bookings data (especially group/ party/ institutional bookings) to a competitor through one of the hotel's bell boys. Occupancy jumped by 70% -in the off season!

Employee Power Harnessed

Reward Programs:

  • Motivational factor
  • Warning to interlopers/ would be attackers
  • People crave recognition/appreciation, and tangible incentives are powerful motivators. The above example of a steady information leak shows how an innovative management can get information from employees/ obtain leads to:
  • Detect information (i.e. money for the hotel) leaks
  • Suitable steps to plug these leaks
  • Alert others, by demonstrative response, to good work being rewarded

 

Banks regularly publish photographs/ ‘incident' sketches in House Magazines, highlighting security awareness/ good presence of mind by staff. For an individual lost in a sea of personnel, this way of gaining fame is a strong motivator and has ‘cascade' effect. As a rule, Bank employees are highly aware of information value, in keeping with their line of work. This is the result of a long-term, sustained awareness program.

Call Back Check

Call Back Check: whenever sensitive information is requested by phone/ fax from unknown/ less-known individuals who have not been previously authorized access to such data by a suitable authority, they should be asked to leave a phone number.

  • This can be cross checked from Directory Information Services
  • If the said person is available on dialing back after some time, chances of a genuine enquiry are strengthened (not proved!).
  • Sensitive information should only be released after proper authorization by a supervisor.
  • Install CLI (Calling Line/ Identification) facility to further cross check.

 

Telephone exchanges (for booking Trunk calls), Airlines and Hotels  (to confirm authenticity of bookings made over the telephone) observe this as a standard practice. You can, too.

Verify Need For Access To Information

  • Information, however non-sensitive, should not be automatically handed over
  • Perceptions/ priority of information may not be readily apparent to everyone, especially front-office staff
  • Always ask why the person wants the information
  • Consult, before release
  • Increased awareness training/education, will reduce need for supervision of this area of leakage.
  • Train staff to rarely volunteer information.
  • Guard against ‘social engineering'.

Mukesh had a secret meeting with a prospective client in an expensive restaurant and had slipped away unnoticed. But an operative was able to get the information of his whereabouts by asking reception when he'd be back – they loudly calculated time to eat lunch/discuss, travel time from the restaurant (named) to office and asked him to return after two hours. He rushed to the restaurant, spotted them coming out, then tailed the party and submitted the rival company's offer. Small mistakes can cost heavily.

Verifying Identities and Purposes

In the above example, a simple request for a business card (he had none in his false identify) would have foiled the bid. Car finance companies initially call for Company Business Cards, as a routine screen.

Access Badges Without Names

  • Names/ photos are not really relevant
  • Employee number should be enough
  • Badge should be distinctive/hard to copy

 

ID Cards of most Government/Private Sector departments are easy to fake. One corner shop in Karol Bagh had hundreds of different IDs card formats/lamination arrangements/chain. On 25th July 2000 an imposter was caught impersonating a TTE in the first class A C compartment of a prominent train. He used to pose as a TTE, pretend to find fault in the ticket, express a need to show it to his supervisor, then detrain at the next stop and sell the ticket @50% value. His fake ID card had netted him over Rs 1,50,000 at the time of his arrest.

Frequent Contact with Outsiders Employees of Rival Firms

  • Can be easily monitored where secluded/ exclusive staff quarters are provided, and guards at entry gate are vigilant. Staff quarters are an HR additive, a huge motivator, as are staff buses. Both also aim at security.
  • May reveal an unhealthy nexus aimed at personal gain by unscrupulous/ disgruntled employee(s).
  • Large Companies like MUL and Escorts have exclusive staff colonies.

Non-Disclosure Non-Compete Employee Undertakings

These legally bind an employee not to:

  • Disclose information vital to the company's security/business
  • Start his own business (after leaving the company) on the same pattern as previous employer, before lapse of at least 12 months.

Many Government Departments prohibit retiring personnel from taking up re-employment, independent of Government referral, before 24 months have elapsed.

 

Our Network Of Sites:
Apply 4 Admissions.com              | A2ZColleges.com  | OpenLearningWorld.com  | Totaram.com
Anatomy Colleges.com                | Anesthesiology Schools.com  | Architecture Colleges.com | Audiology Schools.com
Cardiology Colleges.com            | Computer Science Colleges.com| Computer Science Schools.com| Dermatology Schools.com
Epidemiology Schools.com         | Gastroenterology Schools.com  | Hematology Schools.com     | Immunology Schools.com
IT Colleges.com                | Kinesiology Schools.com  | Language Colleges.com  | Music Colleges.com
Nephrology Schools.com             | Neurology Schools.com  | Neurosurgery Schools.com | Obstetrics Schools.com
Oncology Schools.com    | Ophthalmology Schools.com | Orthopedics Schools.com       | Osteopathy Schools.com
Otolaryngology Schools.com| Pathology Schools.com  | Pediatrics Schools.com  | Physical Therapy Colleges.com
Plastic Surgery Schools.com| Podiatry Schools.com  | Psychiatry Schools.com   | Pulmonary Schools.com 
Radiology Schools.com| Sports Medicine Schools.com| Surgery Schools.com | Toxicology Schools.com
US Law Colleges.com| US Med Schools.com | US Dental Schools.com

About Us Terms of Use | Contact Us | Partner with Us | Press Release | Sitemap | Disclaimer | Privacy Policy


©1999-2011 OpenLearningWorld . com - All Rights Reserved